Cloud Computing and Internet Security

Cloud computing service providers (CSPs) differ in the capabilities, security and prices they offer. CSPs usually offer software as a service, platform as a service or infrastructure as a service. Most commonly, consumer use of CSPs is as a storage platform where they push digital pictures, music, and documents into “the cloud” and retrieve those digital files when they are needed at a smartphone or personal computer.

Cloud storage reduces the need for local storage, but that becomes relevant only for consumers who keep a lot of pictures, videos and music. The more salient advantage of cloud storage comes from versions that support file syncing, a service that keeps files aligned with the changes you make while using any of your devices. Well-regarded CSPs offering consumer services include — iDrive, Sugar Sync, Spider Oak ONE, Microsoft OneDrive, CertainSafe Digital Safety Deposit Box, Google Drive, Apple iCloud Drive, Box (personal) and Dropbox. Their prices run from free to a few hundred dollars per year.

Businesses have similar cloud needs. They welcome the remote storage functions, but they also use CSP’s webhosting, computing and software capabilities. CSPs provide remote operating and development environments where CSPs have provided sophisticated preparation and maintenance that keeps software updated to the latest versions. CSPs focus on exemplary high levels of service and security such as 99.99% uptime and full, round-trip encryption for your data.

An IT manager can give employees instant access to rock-steady business applications they may need in the cloud, simply by signing them up. CSPs maintain their customer workspaces and tools at highly secure levels. That background effort saves customer IT managers from the cost of staffing up with expensive technical skills. CSP’s technical specialists can work their magic and the benefit is shared among all the CSP’s customers. The largest CSPs focused on the business market include Microsoft, IBM, Amazon, Century Link, Oracle, Google, Rackspace, SAP, Salesforce and Verizon.

Most offer training courses for customer employees, helping them to avoid being tricked into revealing authentication tools, loaning credentials or downloading malicious data.

While CSPs outshine most of their customers in privacy and security, they can be a serious security exposure when they cave in to nation-state bullying.

The Telegram app offers optional end-to-end encryption, allowing all messages to be encrypted on the sender’s phone and decrypted on the receiver’s phone, which means that no part of the network can eavesdrop on the messages. Telegram has become a good example of censorship. Russia ordered Telegram to reveal messages it was carrying for political dissidents and journalists. Telegram refused to cooperate. Russia began blocking the IP addresses that Telegram used, but Telegram had acquired thousands of IP addresses and was able to hop from one to the next, leaving Russia scrambling to find the next end-point. The IP-hopping tactic did not disrupt service for Telegram customers.

Russia’s next step was to demand cooperation from the CSPs that Telegram uses. There are a limited number of CSPs of enough scale and geographic coverage to handle Telegram. Earlier, Russia demonstrated it was willing to endure the collateral damage to Russian businesses that a shutdown of CSPs would cause. That willingness to play hardball against CSPs creates a huge financial threat for the targeted CSPs. If they cave in, Telegram becomes nonviable, but if they resist, Russia can shut down datacenters or major network paths. That will decimate the CSPs’ businesses and disrupt their customers.

WhatsApp and Signal offer services similar to Telegram, but they are less tolerant of the shaky networks that Telegram can tolerate, so they are not a full substitute, even if their owners resist Russian orders. Earlier this year, Google and Amazon banned and blocked the practice of “domain fronting,” a trick that anti-censorship tools (such as Tor) use to get around Internet censors by pretending to be other kinds of traffic.

Some large CSPs are compliant with the demands of heavy-handed censors such as China and Russia. When they concede to censorship, we lose privacy and freedom of speech. When they resist censorship, they make a big financial sacrifice and jeopardize the stability of services offered to consumers. There is no immediate remedy for aggressive censors.

Archives

Welcome

Americans are facing challenges sometimes caused by questionable public policy and regulations that raise industry costs – both of which lead to higher consumer prices and fewer choices for consumers. ACI's focus is to support concepts which spur competition, encourage innovation, create jobs and benefit consumers overall, while maintaining reasonable and necessary consumer safeguards.

We serve as an academic voice for consumers. Our goal is to build awareness, survey consumer attitudes on public policy issues, facilitate discussion, and offer research-based solutions that have the best interest of consumers in mind.

We encourage you to sign up for our periodic updates regarding important state and national issues, share this website with family and friends, financially support our research, and check back for updated news and resources. Feel free to contact us and let your voice be heard.

Is a 501(c)(3) nonprofit educational and research institute founded on the belief that consumers’ interests are not satisfactorily represented by the wide variety of advocacy and consumer organizations that often represent small subsets of consumers and special interests... Read More...